Government

Hackers Still Breaching Local Government Payment Portals

17 – 24 September 2019

Hackers have been targeting Click2Gov payment portals and had compromised at least eight US municipalities since August 2019.

Hackers have been targeting Click2Gov payment portals and had compromised at least eight US municipalities since August 2019. The attacks were discovered after a new batch of 20,000 payment card details surfaced in carding forums.

Click2Gov is a self-service portal where US citizens can pay taxes and bills. Since 2017, a hacker group began targeting self-hosted Click2Gov portals that were lagging in software patches. More than 300,000 payment card details were pilfered from vulnerable Click2Gov portals in at least 46 US cities, netting the hackers an estimated US$1.7 million in revenue. It remains unclear how hackers breached the updated Click2Gov portal in the latest campaign but investigators believed the hackers may have left a hidden backdoor during the attacks in 2017 and 2018.

 

References:

Second Wave of Click2Gov Breaches Hits United States

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence